cpe:/a:apache:activemq:1.1 cpe:/a:apache:activemq:1.2 cpe:/a:apache:activemq:1.3 cpe:/a:apache:activemq:1.4 cpe:/a:apache:activemq:1.5 cpe:/a:apache:activemq:2.0 cpe:/a:apache:activemq:2.1 cpe:/a:apache:activemq:3.0 cpe:/a:apache:activemq:3.1 cpe:/a:apache:activemq:3.2 cpe:/a:apache:activemq:3.2.1 cpe:/a:apache:activemq:3.2.2 cpe:/a:apache:activemq:4.0 cpe:/a:apache:activemq:4.0:m4 cpe:/a:apache:activemq:4.0:rc2 cpe:/a:apache:activemq:4.0.1 cpe:/a:apache:activemq:4.0.2 cpe:/a:apache:activemq:4.1.0 cpe:/a:apache:activemq:4.1.1 cpe:/a:apache:activemq:5.0.0 cpe:/a:apache:activemq:5.1.0 cpe:/a:apache:activemq:5.2.0 cpe:/a:apache:activemq:5.3.0 CVE-2010-1244 2010-04-05T12:30:00.640-04:00 2017-08-16T21:32:18.587-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-04-06T15:46:00.000-04:00 SECUNIA 39223 XF activemq-web-console-csrf(57398) CONFIRM http://activemq.apache.org/activemq-531-release.html CONFIRM https://issues.apache.org/activemq/browse/AMQ-2613 CONFIRM https://issues.apache.org/activemq/browse/AMQ-2625 Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.